16 Aug
Evading authenticated Diffie-Hellman with MITM
I understand that in a non-authenticated Diffie-Hellman setup, a man-in-the-middle attack can occur. Now I'm curious about the feasibility of the following scenario:
Let's assume a situation where www.example.com exclusively supports authenticated Diffie-Hellman.
- The victim attempts to establish contact with https://www.example.com/.
- A man-in-the-middle attacker intervenes, retrieves the certificate from example.com, and sends it back to the victim.
- The victim successfully authenticates the server because the certificate is valid.
- The attacker proposes only unauthenticated Diffie-Hellman to the victim as the method of encryption.
- The victim agrees to the proposal, resulting in an SSL connection being established between the victim and the attacker.
- The attacker initiates an SSL connection with example.com, which is authenticated due to the initial assumption.
- Requests made by the victim traverse these two connections.
In this manner, the man-in-the-middle attacker maintains two connections simultaneously.
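The scenario above can be simulated end to end. The following is an added example, not code from the original post: the "certificate" is modelled as the server's long-term Schnorr public key pinned in the victim's trust store (standing in for the CA validation the post assumes succeeds), and "authenticated Diffie-Hellman" is modelled the way TLS does it, with the server signing its ephemeral DH share together with the client's nonce under the certificate key (ServerKeyExchange in TLS 1.2, CertificateVerify over the transcript in TLS 1.3). The group is RFC 3526 group 14; the function names, the `run()` strategies and the outcome strings are this example's own.

```python
"""MITM against signed (authenticated) DH: relaying the real certificate is not
enough, because the attacker cannot sign its own DH share under that certificate."""
import hashlib
import secrets

# RFC 3526 2048-bit MODP group (group 14): p is a safe prime, q = (p-1)/2,
# and g = 2 generates the subgroup of prime order q.
P = int("".join("""
FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74
020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437
4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED
EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE45B3D C2007CB8 A163BF05
98DA4836 1C55D39A 69163FA8 FD24CF5F 83655D23 DCA3AD96 1C62F356 208552BB
9ED52907 7096966D 670C354E 4ABC9804 F1746C08 CA18217C 32905E46 2E36CE3B
E39E772C 180E8603 9B2783A2 EC07A28F B5C55DF0 6F4C52C9 DE2BCBF6 95581718
3995497C EA956AE5 15D22618 98FA0510 15728E5A 8AACAA68 FFFFFFFF FFFFFFFF
""".split()), 16)
G = 2
Q = (P - 1) // 2
assert pow(G, Q, P) == 1  # sanity check: g really has order q


def _i2b(n: int) -> bytes:
    return n.to_bytes((n.bit_length() + 7) // 8, "big")


def _hash_mod_q(*parts: bytes) -> int:
    h = hashlib.sha256()
    for part in parts:  # length-prefix each field so concatenation is unambiguous
        h.update(len(part).to_bytes(4, "big") + part)
    return int.from_bytes(h.digest(), "big") % Q


def keygen():
    """Random exponent in [1, q-1] and the matching group element g^x mod p."""
    x = secrets.randbelow(Q - 1) + 1
    return x, pow(G, x, P)


def sign(x: int, msg: bytes):
    """Schnorr signature (e, s) on msg under private key x."""
    k, r = keygen()
    e = _hash_mod_q(_i2b(r), msg)
    return e, (k - x * e) % Q


def verify(y: int, msg: bytes, sig) -> bool:
    e, s = sig
    if not (0 <= e < Q and 0 <= s < Q):
        return False
    r = pow(G, s, P) * pow(y, e, P) % P
    return _hash_mod_q(_i2b(r), msg) == e


def derive_key(shared: int) -> bytes:
    return hashlib.sha256(_i2b(shared)).digest()


# Long-term identity of www.example.com; the victim pins it as its trust store
# (constructed stand-in for the CA validation the post assumes succeeds).
SERVER_PRIV, SERVER_PUB = keygen()
TRUST_STORE = {"www.example.com": SERVER_PUB}


def server_hello(client_nonce: bytes):
    """Server side: fresh ephemeral share, signed together with the client's
    nonce so the signature cannot be replayed into another handshake."""
    a, A = keygen()
    sig = sign(SERVER_PRIV, client_nonce + _i2b(A))
    return a, {"cert": ("www.example.com", SERVER_PUB), "share": A, "sig": sig}


def client_accepts(client_nonce: bytes, b: int, msg: dict, require_auth=True):
    """Victim side: check the certificate, then the signature over the share.
    Returns the session key, or raises if the handshake must be refused."""
    name, y = msg["cert"]
    if TRUST_STORE.get(name) != y:
        raise ValueError("certificate not trusted")
    if msg["sig"] is None:  # the peer 'proposes' unauthenticated DH
        if require_auth:
            raise ValueError("refusing unauthenticated key exchange")
    elif not verify(y, client_nonce + _i2b(msg["share"]), msg["sig"]):
        raise ValueError("signature over DH share does not verify")
    return derive_key(pow(msg["share"], b, P))


def run(attacker: str, require_auth: bool = True) -> str:
    """One handshake with the attacker in the middle using the given strategy:
    'relay' (forward untouched), 'substitute_share' (real cert and signature,
    attacker's share) or 'strip_signature' (real cert, no signature, attacker's share)."""
    nonce = secrets.token_bytes(32)
    b, B = keygen()                          # victim's ephemeral share
    a, msg = server_hello(nonce)             # real server answers the victim's nonce
    m, M = keygen()                          # attacker's own ephemeral share
    if attacker == "substitute_share":
        msg = dict(msg, share=M)
    elif attacker == "strip_signature":
        msg = dict(msg, share=M, sig=None)
    try:
        client_key = client_accepts(nonce, b, msg, require_auth)
    except ValueError as err:
        return f"rejected: {err}"
    server_sees = B if attacker == "relay" else M   # attacker speaks for the victim upstream
    server_key = derive_key(pow(server_sees, a, P))
    if derive_key(pow(B, m, P)) == client_key and derive_key(pow(A_of(msg, a), m, P)) == server_key:
        return "attacker holds both session keys"
    if client_key == server_key:
        return "end-to-end key, attacker blind"
    return "keys mismatch"


def A_of(msg: dict, a: int) -> int:
    """The real server's share g^a (recomputed; the attacker saw it on the wire)."""
    return pow(G, a, P)


if __name__ == "__main__":
    for strategy in ("relay", "substitute_share", "strip_signature"):
        print(f"{strategy:17s} -> {run(strategy)}")
    print("strip_signature, client allows anonymous DH ->", run("strip_signature", False))
```

The only strategy that gets the victim's connection established is forwarding the server's signed message untouched, and then the attacker does not know the exponent behind it and is blind to the session key. Swapping in its own share breaks the signature, and dropping the signature is refused by any client that requires server authentication; the two-connection setup only works against a client configured to accept anonymous DH, which is the unauthenticated case the post already concedes. In real TLS the negotiated cipher suite is additionally covered by the Finished MACs, so a silent downgrade of the offered suites is detected as well.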